Our 24x7 comprehensive monitoring of the Digital Underground can help you transform your information security and anti-fraud operations from reactive to proactive.

orange arrow

Healthcare Industry Targeting by Eastern European Cybercriminals

intro image

Executive Summary

  • On October 28th, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint alert on cybercriminals targeting the Healthcare and Public Health (HPH) Sectors in the US to infect systems with ransomware.
  • In fact, during 2020 many hospitals reported that they were hit by ransomware attacks, including but not limited to Universal Health Services, NRC Health, St. Lawrence Health Systems in New York, Sky Lakes Medical Center in Oregon, The University of Vermont Health Network, and Sonoma Valley Hospital in California
  • We conducted an independent analysis of sophisticated Eastern European cybercriminal groups who were engaged in such activity. For the purpose of this research, we analyzed a representative sample of ~250 healthcare institutions compromised by malware during 2020, totaling more than 3,000 infected machines.
  • Our analysis showed that:
    1. While over 30 countries were targeted, from Canada to India to the UAE, the USA seems to have been the primary target, with more than 65% of the total victim institutions
    2. The malware campaigns were not limited to the September – October timeframe. Rather, the targeting began in early 2020 and ramped up in the early weeks of the COVID-19 pandemic.
    3. The scope of the threat targeting the healthcare industry is not limited to hospitals, whose breaches have been widely reported by the media. It extends to numerous types of healthcare institutions. For example, 17% of US-based victims are medical labs.

Download our research report to learn more about the unprecedented targeting of the healthcare industry in recent months